Valve Software Steam Client 2.10.91.91
Approved changes feed: RSS · Atom
cpe:2.3:a:valvesoftware:steam_client:2.10.91.91:*:*:*:*:*:*:*
part: a version: 2.10.91.91 update: *
| Vendor | Valvesoftware (1f899491-a623-563d-8b9f-d478abb59c2f) |
|---|---|
| Product | Steam Client (e700e5cd-346d-5281-9bea-10d0567f7914) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2020-15530 |
vulnerable | 2026-06-08 05:19:26.073018 |
Details available
An issue was discovered in Valve Steam Client 2.10.91.91. The installer allows local users to gain NT AUTHORITY\SYSTEM privileges because some parts of %PROGRAMFILES(X86)%\Steam and/or %COMMONPROGRAMFILES(X86)%\Steam have weak permissions during a critical time window. An attacker can make this time window arbitrarily long by using opportunistic locks.
Published: 2020-07-05T00:31:24.000Z
Updated: 2024-08-04T13:15:20.825Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-7985 |
vulnerable | 2026-06-08 05:07:02.726018 |
Details available
Valve Steam 2.10.91.91 uses weak permissions (Users: read and write) for the Install folder, which allows local users to gain privileges via a Trojan horse steam.exe file.
Published: 2015-11-24T20:00:00.000Z
Updated: 2024-08-06T08:06:31.526Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.